CVE-2020-28429 Blast Radius

HIGH • CVSS 7.3All versions of package geojson2kml are vulnerable to Command Injection via the index.js file. PoC: var a =require("geojson2kml"); a("./","& touch JHU

Is Your Infrastructure Using These Packages?

EchelonGraph automatically scans your cloud infrastructure and SBOMs to map your exposure to vulnerabilities like CVE-2020-28429.

Start Free Scan →← Back to CVE-2020-28429